Sign-up

VARIoT news about IoT security

New vulnerabilities in mobile networks affect all cell generations since 2G - Hiper LAN 2

Trust: 4.75

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Jan. 2, 2022, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: samsung model: samsung
vendor: samsung model: mobile
vendor: apple model: iphone
vendor: huawei model: huawei
vendor: oneplus model: oneplus
vendor: oneplus model: one

New Mobile Network Vulnerabilities Affect All Cellular Generations Since 2G - Shackle Media

Trust: 4.75

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 20, 2021, 3:26 p.m.
 Vulnerabilities: information disclosure
Affected productsExternal IDs
vendor: samsung model: samsung
vendor: samsung model: mobile
vendor: apple model: iphone
vendor: huawei model: huawei
vendor: oneplus model: oneplus
vendor: oneplus model: one

Log4j under siege, millions of devices vulnerable - NewsBreak

Trust: 3.25

Fetched: Dec. 28, 2021, 9:20 a.m., Published: -
 Vulnerabilities: code execution
Affected productsExternal IDs

Log4j Vulnerability: What You Need to Know - Bestgamingpro

Trust: 4.0

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Jan. 9, 2022, midnight
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: apple model: icloud

New Mobile Network Vulnerabilities Affect All Cellular Generations Since 2G - iHash

Trust: 4.75

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 20, 2021, 3:26 p.m.
 Vulnerabilities: information disclosure
Affected productsExternal IDs
vendor: samsung model: samsung
vendor: samsung model: mobile
vendor: apple model: iphone
vendor: huawei model: huawei
vendor: oneplus model: oneplus
vendor: oneplus model: one

32 hardware and firmware vulnerabilities - Infosec Resources

Related entries in the VARIoT vulnerabilities database: VAR-201808-0384, VAR-201806-1453, VAR-201909-1456

Trust: 5.25

Fetched: Dec. 28, 2021, 9:20 a.m., Published: July 11, 2021, 3:25 p.m.
 Vulnerabilities: directory traversal, denial of service, buffer overflow...
Affected productsExternal IDs
vendor: netapp model: baseboard management controller
vendor: infineon model: trusted platform
vendor: asus model: bmc firmware
vendor: asus model: asus
vendor: asus model: router
vendor: dram model: dram
vendor: huawei model: huawei
vendor: lenovo model: system
vendor: lenovo model: bios
vendor: mikrotik model: winbox
vendor: mikrotik model: routers
vendor: mikrotik model: routeros
vendor: mikrotik model: mikrotik
vendor: mikrotik model: router
vendor: cisco model: routers
vendor: cisco model: router
db: NVD ids: CVE-2019-0863, CVE-2018-14847, CVE-2018-4251, CVE-2018-6260, CVE-2019-10540

Moobot botnet spreading via Hikvision camera vulnerability

Trust: 4.25

Fetched: Dec. 28, 2021, 9:20 a.m., Published: -
 Vulnerabilities: command injection, default credentials
Affected productsExternal IDs
vendor: hikvision model: hikvision
vendor: hikvision model: hikvision camera
vendor: hikvision model: camera
db: NVD ids: CVE-2021-36260

SweynTooth Vulnerabilities | CISA

Trust: 3.5

Fetched: Dec. 28, 2021, 9:20 a.m., Published: -
 Vulnerabilities: memory corruption, buffer overflow, security bypass
Affected productsExternal IDs
db: NVD ids: CVE-2019-19192, CVE-2019-17519, CVE-2019-17061, CVE-2019-17517, CVE-2019-19195, CVE-2019-19194, CVE-2019-17520, CVE-2019-17518, CVE-2019-17060, CVE-2019-16336, CVE-2019-19193, CVE-2019-19196

13 Best Vulnerability Scanner Tools for 2022 | eSecurity Planet

Trust: 4.75

Fetched: Dec. 28, 2021, 9:20 a.m., Published: May 21, 2021, noon
 Vulnerabilities: sql injection
Affected productsExternal IDs
vendor: serve model: serve

Millions Devices At Risk Because Of New Software Vulnerability - The True Defender !

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 4.0

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 15, 2021, 10:05 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228

Top 10 Vulnerabilities in Mobile Applications | NTT Application Security

Trust: 4.5

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Feb. 22, 2021, 8:12 p.m.
 Vulnerabilities: brute force attack, information leakage
Affected productsExternal IDs
vendor: google model: android

DETAILS OF CVE-2021-44228 & CVE-2021-45046, THE TWO NEW LOG4J VULNERABILITIES AFFECTING MILLIONS OF DEVICES " Cyber Security

Related entries in the VARIoT vulnerabilities database: VAR-202112-0562, VAR-202112-0566

Trust: 3.75

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 17, 2021, 11:25 p.m.
 Vulnerabilities: denial of service, code execution
Affected productsExternal IDs
db: NVD ids: CVE-2021-45046, CVE-2021-44228

Ivanti Response to Log4J Vulnerability (CVE-2021-44228)

Related entries in the VARIoT vulnerabilities database: VAR-202112-0566

Trust: 3.0

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Dec. 17, 2021, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-44228

Intel CPU flaw could enable hackers to attack PCs, cars, and medical devices - TechCentral.ie

Trust: 3.0

Fetched: Dec. 28, 2021, 9:20 a.m., Published: Nov. 17, 2021, 11:04 a.m.
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2021-0146

Cybersecurity vulnerabilities in medical devices: a complex environment and multifaceted problem

Trust: 4.5

Fetched: Dec. 28, 2021, 9:20 a.m., Published: -
 Vulnerabilities: denial of service, configuration error, buffer overflow...
Affected productsExternal IDs
vendor: parallels model: tools

Top IoT security vulnerabilities: 2020 and beyond

Trust: 5.0

Fetched: Dec. 28, 2021, 9:20 a.m., Published: -
 Vulnerabilities: default credentials
Affected productsExternal IDs
vendor: treck model: tcp/ip stack

Android Security Bulletin-July 2021 | Android Open Source Project

Related entries in the VARIoT vulnerabilities database: VAR-202107-0026

Trust: 4.25

Fetched: Dec. 28, 2021, 9:20 a.m., Published: July 16, 2021, midnight
 Vulnerabilities: denial of service, code execution, information disclosure
Affected productsExternal IDs
vendor: motorola model: android
vendor: motorola model: motorola
vendor: huawei model: huawei
vendor: google model: pixel
vendor: google model: android
vendor: nokia model: nokia
vendor: broadcom model: broadcom
vendor: samsung model: mobile
vendor: samsung model: samsung
vendor: samsung model: notes
db: NVD ids: CVE-2021-0600, CVE-2021-0587, CVE-2021-0589, CVE-2021-1953, CVE-2020-0417, CVE-2021-0590, CVE-2021-0604, CVE-2021-0441, CVE-2021-1938, CVE-2021-0597, CVE-2021-0599, CVE-2021-0592, CVE-2021-0585, CVE-2021-0586, CVE-2021-0596, CVE-2021-0601, CVE-2021-0602, CVE-2021-0594, CVE-2021-0515, CVE-2021-0588, CVE-2020-11307, CVE-2021-0603, CVE-2020-0368, CVE-2021-0514, CVE-2021-0486, CVE-2021-0577

Every Android Device Since 2012 Impacted by RAMpage Vulnerability

Trust: 3.5

Fetched: Dec. 28, 2021, 9:20 a.m., Published: -
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: android
vendor: google model: home
db: NVD ids: CVE-2018-9442

Cisco Firepower Device Manager Software Filesystem Space Exhaustion Denial of Service Vulnerability

Trust: 4.75

Fetched: Dec. 28, 2021, 9:20 a.m., Published: April 19, 2021, 2:06 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: device manager
vendor: cisco model: firepower
vendor: cisco model: cisco firepower management center
vendor: cisco model: firepower management center

Millions of Google, Roku, and Sonos Devices Are Vulnerable to a Web Attack | WIRED

Trust: 4.75

Fetched: Dec. 28, 2021, 9:20 a.m., Published: -
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: roku model: roku
vendor: google model: home
vendor: google model: google home
vendor: google model: chromecast
vendor: sonos model: sonos